because it’s an easy way to infect thousands of users and collect their data”

When you download a page via a proxy server, there is no guarantee that you get the original page… There is a high risk that the proxy server sent you back a modified page. Read the article above for more details.

With ACL (Access Control List) you can set exactly who can access your files and directories. With ACL you can set things like “nobody can read this file except user XY”, or “no one can write this directory except the user Z”.

With setfacl you can set the ACL rights. With getfacl you can ask the ACL rights of a file/folder.

Example #1
You have a pmwiki installation that runs on an Apache webserver. PmWiki has a directory called “wiki.d” that must be writable too, otherwise you cannot edit your wiki from a browser. Behind the scenes it’s Apache’s www-data user who wants to write in this directory.

A naive approach is to “chmod 777 pmwiki/wiki.d”. In this case anyone with a shell access to the server can modify the content of this folder.

A better way is to give the necessary grants to Apache’s www-data user:

setfacl -R -m u:www-data:rwx $HOME/public_html/pmwiki/wiki.d

Thanks to Jeszy for the tip.

Example #2
You have a web application that uses an SQLite database. Again, the www-data user would like to write into it. In addition, www-data must be able to write to the directory too that contains the database file.

MD5 is a hash, not an encryption. From this hash value you cannot restore the original content. However, you can take a dictionary, hash every word in it with md5, then compare the original md5 value with them. If there is a match, your md5 is cracked.

“MD5Decrypter.co.uk allows you to input an MD5 hash and search for its decrypted state in our database, basically, it’s a MD5 cracker / decryption tool… We have a total of just over 43.745 billion unique decrypted MD5 hashes since August 2007.” (source)

So, if you store your passwords in md5 format and someone has access to them, they are not safe at all… If an md5 hash is generated from a weak password, it can be cracked in an instant with the tool above.